Fortinet Launches New Web Application Firewall Appliances

Fortinet, a provider of network security solutions, today introduced three new appliances to its line of Web application firewalls designed to address the needs of businesses ranging from mid-sized organizations up through large enterprises and service providers.

Sunnyvale, California-based Fortinet also introduced enhancements to the FortiWeb 4.0 MR3 operating system, including new logging and reporting, ease-of-use and security and configuration capabilities.

The new Web application firewall lineup includes the FortiWeb-4000C, FortiWeb-3000C FSX and FortiWeb-400C.

FortiWeb-4000C

The new high performance FortiWeb-4000C targets large data centers that need to protect Web applications such as those containing data subject to PCI-DSS guidelines. This enterprise-grade Web application firewall appliance supports 70,000 transactions-per-second and 2 Gbps throughput.

The FortiWeb-4000C makes use of hardware-based acceleration to improve enforcement of data loss prevention (DLP) policies. Due to the intense scanning required for outgoing data and information accessed by users, DLP policies typically require significant CPU power. With hardware dedicated to DLP processes, the FortiWeb-4000C is able to deliver high performance while freeing up core CPU resources for other tasks.

FortiWeb-3000C FSX

The FortiWeb-3000C FSX retains all of the features and benefits of the FortiWeb-3000C appliance with the addition of a fiber bypass card to support large data centers requiring fiber support. The new appliance features an additional fiber bypass interface supporting fiber SX interfaces. The FortiWeb-3000C, FSX offers flexible deployment options with layer-seven load balancing and hardware- and software-based acceleration to improve resource utilization and application stability, while reducing server response times.

FortiWeb-400C

The FortiWeb-400C replaces the FortiWeb-400B and is offered as a cost-effective Web application firewall appliance designed to secure Web applications and protect sensitive database content by blocking threats such as cross-site scripting, SQL injection, buffer overflows, file inclusion, denial-of-service and cookie poisoning. The FortiWeb-400C and other FortiWeb appliances also feature a Web vulnerability scanner and aid in PCI DSS 6.6 compliance by protecting against the Open Web Application Security Project's (OWASP) Top 10 Web Application Vulnerabilities.

Updated FortiWeb 4.0 MR3 Operating System

That latest version of FortiWeb 4.0 MR3, the core operating system that powers the FortiWeb product family, brings enhancements focusing on three key areas: logging and reporting, security and configuration, and ease-of-use.

In terms of logging and reporting, FortiWeb 4.0 MR3 provides integration with Fortinet's FortiAnalyzer, offering an easy way to centrally manage logs and reports from multiple FortiWeb physical or virtual appliances, as well as other Fortinet products. A new FortiWeb analytics interface makes real-time data analysis easier and enables organizations to analyze Web server usage from a Hit, Flow and Attack point of view. In addition, security administrators can map these requests based on their geographic point of origin to have a better understanding of server behavior and identify potential threats, the company said.

To defend against denial-of-service (DoS) attacks, FortiWeb 4.0 MR3 features a new protection layer that provides network and application DoS policies. Leveraging new algorithms contained in these DoS policies, the FortiWeb product family can now analyze requests originating from users to determine their legitimacy or if they are being triggered by automated attacks associated with Advanced Persistent Threats (APT) or news strains of malware. The new operating software also provides period blocking, which enhances protection by enabling administrators to block individual users for specified periods of time instead of just a specific connection. It also supports advanced compression for more efficient bandwidth utilization and improved user response time. In addition, new load balancing enhancements provide content-based health checks and new alerts in the event of server failures.